Duo Security: Tips for studying abroad with two-factor

We're getting closer to the deadline for mandatory two-factor authentication at Miami University. One of the common queries we have received is about what happens when students and faculty go abroad—how will they access Miami resources protected by Duo when they have limited access to cell connectivity or don’t have an international data plan?

While it may seem like this is just another worry to throw on top of everything else you're already doing in preparation for going abroad, don't panic! It's easy to study abroad with Duo.

Choose your authentication method

There may be times that cell phone service or data (or both) may be unavailable. The good news is: There are several ways you can authenticate without connectivity. Here's how:

Use the app: Duo will work in airplane mode, in areas without a cellular signal, and in locations with no Wi-Fi signal, because the Duo Mobile app (installed on your smartphone or tablet) can generate Duo Passcodes even when no network connection is available.

Purchase a Yubikey: Duo, when used with a U2F hardware device (USB security key), will work in areas with unreliable internet access or coverage.

Opt to receive codes via text: When opting to get Duo codes via SMS message, you will receive 10 codes in a text message. Before going abroad, have a text message with 10 codes sent to your phone. If you check the “Remember me for 14 days” box, this means that you could potentially go 140 days without needing to receive another text message with codes (if you’re using the same browser window on the same computer every time you log in).

The first two are the easiest ways to get Duo codes without access to connectivity; using either of these options will allow you to log in to Miami resources. The third requires some planning ahead, but also provides a simple solution for those studying abroad for shorter periods of time, such as during the Winter Term.

Whichever way you choose, making sure you do this before you go abroad is critical—that way you won't run into snags while you're without connectivity.

IT Services recommendations

With the available authentication methods in mind, we have a few recommendations:

The recommended authentication method for everyone across the University is Duo Mobile, the smartphone application. Similarly, we recommend that you use the offline passcode option when you’re studying abroad. It’s easy, free, and doesn’t require cell or data service. If that isn’t an option for you, a Yubikey or texted codes will work!

In addition to setting up your authentication methods well in advance of your travels abroad, please remember to set up more than one device on your Duo account. This way, if you lose access to your primary authentication device, you have a way to log in until you can replace it.

Important note: Login screen appearance

In addition to Duo going live as our primary two-factor authentication solution on December 19, the red screen that appears whenever you log in to a Miami resource will undergo a facelift as well.

The most notable difference will be that the photo is going away in favor of the newly redesigned bright red background. The spots where you put your username and password will fill the middle of the screen:

The current login screen.

The new login screen.

Some folks are already seeing the latter screen, because they are testing recently rewritten applications for IT Services in our testing environment. Just be aware that after December 19, the new version will be live across the whole site!